The AVISPA Tool for the Automated Validation of Internet Security Protocols and Applications
AVISPA is a push-button tool for the automated validation of Internet security-sensitive protocols and applications. It provides a modular and expressive formal language for specifying protocols and
SecureUML: A UML-Based Modeling Language for Model-Driven Security
The approach is based on role-based access control with additional support for specifying authorization constraints and can be used to improve productivity during the development of secure distributed systems and the quality of the resulting systems.
Model driven security: From UML models to access control infrastructures
This work presents several instances of this schema that combine (both syntactically and semantically) different UML modeling languages with a security modeling language for formalizing access control requirements, and generates access control infrastructures for server-based applications built from declarative and programmatic access control mechanisms.
The TAMARIN Prover for the Symbolic Analysis of Security Protocols
The Tamarin prover supports the automated, unbounded, symbolic analysis of security protocols. It features expressive languages for specifying protocols, adversary models, and properties, and support
Decentralized Privacy-Preserving Proximity Tracing
This system, referred to as DP3T, provides a technological foundation to help slow the spread of SARS-CoV-2 by simplifying and accelerating the process of notifying people who might have been exposed to the virus so that they can take appropriate measures to break its transmission chain.
Automated Analysis of Diffie-Hellman Protocols and Advanced Security Properties
A general approach for the symbolic analysis of security protocols that use Diffie-Hellman exponentiation to achieve advanced security properties using a novel constraint-solving algorithm that supports both falsification and verification, even in the presence of an unbounded number of protocol sessions.
OFMC: A Symbolic Model-Checker for Security Protocols
We present the on-the-fly model checker OFMC, a tool that combines two ideas for analyzing security protocols based on lazy, demand-driven search. The first is the use of lazy data types as a simple
OFMC: A symbolic model checker for security protocols
The on-the-fly model checker OFMC is presented, a tool that combines two ideas for analyzing security protocols based on lazy, demand-driven search and the integration of symbolic techniques and optimizations for modeling a lazy Dolev–Yao intruder whose actions are generated in a demand-driven way.
An information-theoretic model for adaptive side-channel attacks
A model of adaptive side-channel attacks is presented and combined with information-theoretic metrics to quantify the information revealed to an attacker, which allows an attacker's remaining uncertainty about a secret to be expressed as a function of the number of side-channel measurements made.
ARPKI: Attack Resilient Public-Key Infrastructure
ARPKI is the first such infrastructure that systematically takes into account requirements identified by previous research, and it is co-designed with a formal model, and its core security property is verified using the Tamarin prover.